Isaca CISA Quiz 439 Topic 1 Questions 2191-2195

Question: 1

During audit planning, an IS auditor walked through the design of controls related to a new data loss prevention tool. It was noted that the tool will be configured to alert. IT management when large files are sent outside of the organization via email. What type of control will be tested?

ADetective

BCorrective

CDirective

DPreventive

Show Answer

Question: 2

When conducting a post implementation review which of the following is the BEST way to determine whether the value from an IT project has been achieved?

AInterview stakeholders

BCalculate the return on investment (ROI)

CConduct an earned value analysis (EVA)

DSurvey and users

Show Answer

Question: 3

A PRIMARY benefit derived by an organization employing control self-assessment (CSA) techniques s that CSA.

AAllow management to relinquish responsibilities of control

BAllows IS auditors 10 independently assess risk

CCan identify high-risk areas for detailed review

DCan be used as a replacement for traditional audits

Show Answer

Question: 4

In a typical SDLC, which group is PRIMARILY responsible for confirming compliance with requirements?

ARisk management

BQuality assurance

CSteering committee

DInternal audit

Show Answer

Question: 5

Which of the following is MOST important to ensure that electronic evidence collected during a forensic investigation will be admissible in future legal proceeding?

ADocumentation evidence handling by personnel throughout the forensic investigation

BEngaging an independent third party to perform the forensic investigation

CRestricting evidence access to professionally certified forensic investigation

DPerforming investigate procedures on the original hard drives rather than images of the hard drives

Show Answer

Isaca CISA Quiz:439 Topic:1 Questions:2191-2195